Priya PatelTLDR:
- Rite Aid experienced a data breach in June 2024, exposing the personal information of 2.2 million customers.
- No Social Security numbers, financial information, or patient health information were compromised.
Rite Aid, the third-largest drugstore chain in the United States, announced a data breach in June 2024 that affected 2.2 million customers. The breach was detected on June 6, 2024, when an unknown third party gained unauthorized access to the company’s systems using compromised employee credentials. The breach exposed customer names, addresses, dates of birth, and driver’s license numbers, but did not compromise sensitive information like Social Security numbers or financial data.
The company took several steps in response to the breach, including launching an internal investigation, reporting the incident to law enforcement, implementing additional security measures, and offering complimentary credit and identity theft monitoring services to impacted individuals. Despite claims from a ransomware group called RansomHub that they obtained 10GB of customer data affecting up to 45 million individuals, Rite Aid officially reported only 2.2 million affected customers.
This incident has highlighted concerns about cybersecurity in the healthcare sector, with experts calling for stronger regulations to protect patient data. Rite Aid continues to work with cybersecurity experts to restore their systems and emphasizes their commitment to safeguarding personal information and addressing the breach promptly.
